103 matches found
CVE-2019-6552
Advantech WebAccess/SCADA (WebAccess/SCADA) versions up to 8.3.5 are affected by CVE-2019-6552: multiple command injection vulnerabilities caused by insufficient validation of user-supplied data, potentially enabling remote code execution. Related advisories (ICS CISA ICSA-19-092-01) confirm affe...
CVE-2018-15704
Advantech WebAccess 8.3.2 and earlier are affected by a stack-based buffer overflow in broadweb/system/opcImg.asp. The CNVD entry confirms a vulnerability that an unauthenticated? or remote attacker could exploit via a crafted HTTP request to that path to execute arbitrary code or cause a denial ...
CVE-2018-15703
Affected product : Advantech WebAccess 8.3.2 and earlier. Vulnerability : multiple reflected cross-site scripting (XSS) flaws in the WebAccess web interface. Root cause : input is reflected back to victims in the browser without proper sanitization. Impact : remote, unauthenticated attacker can l...